Security News > 2021 > September

The global cloud computing market size is expected to reach $1,251. Increasing adoption of 5G, IoT, and AI is expected to further support the growth of the market for cloud computing.

A recent Authentication Security Strategy survey by Enzoic and Redmond magazine revealed insights into the way that passwords are currently being used in various organizations, and what the future looks like regarding this ubiquitous authentication method. How much longer organizations expect to use passwords.

Security teams spend most of their time preparing their organizations' defenses and doing operational work. Security teams with copious resources can quickly shift between these two modes.

All that the FBI/ransomware negotiators/investigators do is muck things up, so we're going to publish your stuff if you call for help, the Ragnar Locker ransomware gang announced on its darknet data-leak site. To rub salt into the wounds of the companies that Ragnar Locker preys upon, the gang went on to refer to their victims as "Clients," as if any of their long list of targets had mulled it all over and decided that it was high time to have their files encrypted and their businesses paralyzed and had therefore contracted with the Ragnar Locker group to get the job done.

In an advisory issued on Tuesday, Microsoft said some of its users were targeted by poisoned Office documents that exploit an unpatched flaw to hijack their Windows machines. Miscreants are seemingly placing a malicious ActiveX control in an Office document and convincing victims to open or view it, potentially achieving remote code execution.

Microsoft on Tuesday warned of an actively exploited zero-day flaw impacting Internet Explorer that's being used to hijack vulnerable Windows systems by leveraging weaponized Office documents. "Microsoft is investigating reports of a remote code execution vulnerability in MSHTML that affects Microsoft Windows. Microsoft is aware of targeted attacks that attempt to exploit this vulnerability by using specially-crafted Microsoft Office documents," the company said.

The ProPublica report says that WhatsApp contractors "Sift through streams of private messages, images and videos that have been reported by WhatsApp users as improper and then screened by the company's artificial intelligence systems." WhatsApp in a statement emailed to The Register pushed back against ProPublica's claims.

Coldwind verified the vulnerabilities on the Netgear GS110TPV3 Smart Managed Pro Switch using firmware version 7.0.6.3 and below. GS752TPP fixed in firmware version 6.0.8.2.

Microsoft today shared mitigation for a remote code execution vulnerability in Windows that is being exploited in targeted attacks against Office 365 and Office 2019 on Windows 10. Microsoft is aware of targeted attacks that try to exploit the vulnerability by sending specially-crafted Microsoft Office documents to potential victims, the company says in an advisory today.

Does your company need a head of data privacy, a data breach response plan, blockchain technology or something else to keep its data safe? Here are some challenges and recommendations. I wrote about Data Privacy Day to provide some tips and best practices in January, but it takes more than one day a year to properly focus upon data privacy.